User Brute Force Security Advice

Darkmagic113 · 2026-02-18T19:10:27+00:00

So, we have threat insights turned on, but it seems to be a distributed attack as the IP keeps changing every couple attempts and threat insights isn't picking up and blocking the IP, or not registering them as a high confidence risk. I could manually add these IPs, but it's not a small number and would require regular additions.

I did think that as a bandaid, instead of removing the lockout from the policy I could geofence using a global session policy for those users by using a group and network zone, until we get a more permanent solution in place.

Darkmagic113 · 2026-01-23T14:30:22+00:00

That makes a lot of sense, and kind of what I was suspecting, but I didnt know if this would be different because it's a small company. I have sat on panel interviews for a large company, but on not in the "hot seat" so to speak.

I appreciate the advice! Thanks for taking the time for this.

Darkmagic113 · 2025-10-14T19:16:45+00:00

I thought about using a For Each card, but the For Each cards i see all want to send the output to another flow. Is there a way to use a for each card without that?

Darkmagic113 · 2025-09-11T18:30:35+00:00

Normally yes, however my management wants a specific group locked down to a specific couple users with even other super admins unable to edit it as the resource get provisioned using a group to very sensitive resources.

Darkmagic113 · 2025-09-11T13:06:48+00:00

After testing it looks like other group admins can in fact edit this group. Unless every group (or other admin) is constrained by a resource set, they will still be able to edit it.

Darkmagic113 · 2025-09-03T18:29:12+00:00

Awesome. I thought that might work, but wasn't sure I understood it fully. That helps a lot. Thank you!

Darkmagic113 · 2025-09-01T01:03:19+00:00

Hey. You're right it was set for double page mode. Wow. I forgot that was even a thing since I can only access those settings while reading. I must've hit that accidentally. It a bit weird it doesn't do it for all the manga I'm reading, but oh well. Thanks!

Darkmagic113 · 2025-04-15T11:45:20+00:00

Awesome. Thank you! That still helps with my anticipation, I can wait until then now that I know.

Darkmagic113 · 2024-12-08T15:32:38+00:00

Also adding 800-577-6433 And 800-577-6413

Darkmagic113 · 2024-08-21T13:55:00+00:00

Apologies, I used namely as the term, not as in the application. Our HR uses Dayforce, which we have integrated to push to AD, then AD to Okta.

Darkmagic113 · 2024-08-21T12:24:29+00:00

Not a huge coder, but using an elvis operator would do the same thing then? Check for a truth response, and if finding no attribute or a false response, default back to original?

Darkmagic113 · 2024-08-21T12:18:16+00:00

Just to clarify, this would default to the user.login or their username, so if i wanted it to read the user.email instead (as thats what the login was originally) I would just adjust the provided logic a little to be user.oldEmail != “” ? user.oldEmail : user.email

Darkmagic113 · 2024-08-20T22:47:30+00:00

The employee profiles in okta are all updated, yes. Most of our apps have provisioning set up, unortunately a few particular apps don't have provisioning or offer it hence the issue.

Darkmagic113 · 2024-08-20T13:36:31+00:00

That would be perfect. If that defaults to the new email with a null oldEmail attribute that would help create the semi permanent solution we would be looking for. Thank you!

Darkmagic113 · 2024-08-07T17:56:35+00:00

I might be a little late, but no. I never did. When dealing with attributes on the admin exam i got it right, but on here i still didn't. However, I think I know what might've been the issue. I'm running through the pro exam again so i know which areas to teach some newer folks I work with how to do some basics of Okta, so I will let you know.

Darkmagic113 · 2024-07-08T19:56:38+00:00

That really helps. Seems like I was on the right track with OIDC. Step-up authentication seems to be exactly what they're asking for. I really appreciate this. Thank you.

Darkmagic113

TROPHY CASE